From 254b7286b4d2654b95080a175c44195667e42ea8 Mon Sep 17 00:00:00 2001
From: Matthew Noorenberghe
Date: Sat, 9 Feb 2019 16:41:54 -0800
Subject: [PATCH] monitor.php: Escape SignalCheckColour to prevent XSS. Fixes #2451
---
 web/includes/Monitor.php | 14 ++++++++++++++
 web/skins/classic/views/monitor.php | 2 +-
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php
index cc1d8eed7..538793ffb 100644
--- a/web/includes/Monitor.php
+++ b/web/includes/Monitor.php
@@ -331,6 +331,20 @@ private $control_fields = array(
     return $this->defaults{$field};
   } // end function Height
 
+  public function SignalCheckColour($new=null) {
+    $field = 'SignalCheckColour';
+    if ($new) {
+      $this->{$field} = $new;
+    }
+
+    // Validate that it's a valid colour (we seem to allow color names, not just hex).
+    // This also helps prevent XSS.
+    if (array_key_exists($field, $this) && preg_match('/^[#0-9a-zA-Z]+$/', $this->{$field})) {
+      return $this->{$field};
+    }
+    return $this->defaults{$field};
+  } // end function SignalCheckColour
+
   public function set($data) {
     foreach ($data as $k => $v) {
       if ( method_exists($this, $k) ) {
diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php
index 59e4ca04f..df78bbda9 100644
--- a/web/skins/classic/views/monitor.php
+++ b/web/skins/classic/views/monitor.php
@@ -1021,7 +1021,7 @@ if ( $monitor->Type() == 'Local' ) {
-      +
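Review bot: The validation regex in the new SignalCheckColour() method still admits a trailing newline, because a PCRE `$` without the `D` modifier also matches just before a final "\n", so a stored value like "red\n" passes the check and is returned as-is. Anchoring the pattern with `preg_match('/^[#0-9a-zA-Z]+\z/', $this->{$field})` (or appending the `D` modifier) closes that gap, which matters if the value is ever emitted somewhere other than a double-quoted HTML attribute. In the same condition, `array_key_exists($field, $this)` is called on an object, which is deprecated from PHP 7.4 and a TypeError on PHP 8, so `property_exists($this, $field)` is the durable form for the same intent. A value that fails the check falls back to the default silently; logging the rejected value would make tampering visible, and the view should still pass the returned string through htmlspecialchars() rather than rely on validation alone — the monitor.php hunk's content is unreadable in this copy, so I cannot confirm whether it does.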